We provide IT Staff Augmentation Services!

Sre/devops Engineer Resume

San Francisco, CaliforniA

SUMMARY

  • Certified AWS Cloud and DevOps Engineer with over 8+ years of experience in IT with major focus on build & release, Deployment, Linux Administration, AWS Cloud Infrastructure and delivery management and Cloud migration and operations.
  • Strengths in DevOps, AWS Solutions Architecture, DR, Data center operations, PCI - DSS compliance, Electronic Tolling domain.
  • Experience of AWS services including EC2, VPC, IAM, Elastic Beanstalk, S3, CloudFront, RDS, CloudWatch, Route 53, SNS, SQS, EFS, Elastic ache, Code Commit, Code Build, Code Deploy, Code Pipelines, Directory services, Macie, Glacier, Inspector.
  • Experienced in preparing cost estimates and capacity planning and designing proposals for cloud/on-prem/hybrid models and DR models.
  • Experienced in maintaining on-prem physical/virtual environments/Cloud environments and using Dell Vertex based server and VMWare vSphere, VCenter.
  • Experienced in creating architecture and network drawings as part of technical proposals and oral presentations for government project bids.
  • Experience with Linux/Windows environments and Installations, Upgrades, Patches, Migration, and Troubleshooting using WSUS and Ansible for patching.
  • Good experience in maintaining AWS IAM Services in Users, Groups, Policies, Roles, AWS Access Keys and MFA.
  • Experienced in administration/branching/tagging and maintenance of Source Control Management systems and version control tools like SVN and GIT based tools like Code Commit and Bitbucket. Performed migration of on-premises SVN to cloud based Bitbucket.
  • Experienced with middleware layer applications like Apache Tomcat, JBOSS EAP, Apache ActiveMQ.
  • Advocated the usage of automation in CI/CD processes and instrumental in implementation of Jenkins Pipelines, resulted in automation of 75% of the release process tasks. Released over 100 software versions from development to production.
  • Created CI/CD build and delivery pipelines in Jenkins using Jenkins’s file and AWS Code pipeline using buildspec.yml and appspec.yml files.
  • Experienced in containerization technologies Docker, Docker Swarm and Kubernetes. Creating Docker images, Docker file, Compose.
  • Experience with infrastructure provisioning and automation tools like Cloud Formation and Terraform to implement IAC by creating CloudFormation Stacks and Terraform templates for AWS resource provisioning.
  • Experience in implementing a production ready, load balanced, highly available, fault tolerant, auto scaling Kubernetes Infrastructure.
  • Experienced with Databases Like PostgreSQL, Amazon Aurora, Oracle and writing SQL queries and using tools like Oracle and Postgres Enterprise Manager.
  • Experience in log management and monitoring tools like Elastic, Logstash, Kibana stack and Nagios, CloudWatch for centralized logging, archival and retention.
  • Performed Proof of Concept (POC) for Ansible and managed Ansible Playbooks with Ansible roles and host inventory files.
  • Good knowledge of Build scripts using scripting languages like Shell and YAML. Developed shell scripts and ran as corn jobs to automate file archival and older file deletion.
  • Experienced in creating on-call schedules for production support rotation.
  • Published and maintained Android/iOS mobile apps for the tolling agency customers.
  • Experienced in managing Microsoft Active Directory forests and Exchange Servers.
  • Enterprise IT experience includes 5 years of hands-on IT administration such as Active Directory, Exchange, Office 365, Atlassian JIRA, Confluence, Bitbucket and SharePoint administration.
  • Experience leading a cross functional team of 6 people located in different countries and time zones. Excellent Client relation skills as well as the ability to communicate effectively with all the levels of management.
  • Managed multiple projects simultaneously as Operations and tech lead in Onshore-offshore model.

TECHNICAL SKILLS

OS: Linux, CentOS/RHEL, Windows Server, VMWare ESXi

Networking: VPC, Route53, SonicWall Firewalls, Direct Connect, Elastic Load Balancer, NAT Gateway, VPC Endpoints, Firewall Analyzer, VLANs, TCP/IP, NTP, FTP, HTTP, HTTPS, SMB, SSH, SFTP, SMTP, DHCP, NFS, LDAP, WAF, CDN, SCP, SSL.

SCM/ Version Control: SVN, GIT, Bitbucket, GitHub, AWS Code Commit, Visual Studio

CI-CD Tools: Jenkins, Code Build, Code Deploy, Code Pipeline, Azure DevOps, TravisCI, Maven.

Cloud Tools: AWS Cloud Formation, EC2, EC2 Autoscaling, EB, EBS, RDS, IAM, ELB, ECS/EKS, SSM Parameter Store, Secrets Manager, Service Catalog, SSM Patch Manager, S3 Storage, EFS, Autoscaling, EC2 lifecycle manager, AWS Lambda, SNS, SQS, CloudFront, AWS LightSail, VPC, NACL, AWS CloudWatch, Azure Active Directory, AWS Directory Services, AWS Elasticsearch.

Containerization: Docker, Docker Compose, Kubernetes, AWS EKS, ECS, Helm.

IAC/Automation: Terraform, Cloud Formation, Ansible

Governance & Compliance: PCI-DSS, GFI Lan guard, AWS Organizations, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets, AWS Artifact, AWS Config.

Programming Languages: HTML, CSS, JAVA, SQL, JSON, YAML, Shell Scripting

Middleware Layer: JBOSS EAP, Tomcat, Apache ActiveMQ, Apache HTTP Web Server

Database: AWS Aurora, Oracle, AWS RDS, PostgreSQL, MySQL, DynamoDB, Redis.

Monitoring Tools: AWS CloudWatch, CloudTrail, Site 24x7, Nagios Monitoring Tool, Google Analytics, ELK Stack, ManageEngine Log360

Hardware/Virtualization: Dell PowerEdge VRTX Servers, Dell FX2 Servers, Cisco Firewalls, SonicWall Firewalls, VMWare ESXi, VMWare VCenter.

Backup/DR: Acronis, AWS Cloud Endure, Veeam backup and replication, Carbonite.

Tools: Active Directory, SharePoint, Office 365, JIRA, Lucid chart, MS Visio.

Customer Engagement: Twilio SMS, Twilio Flex Omni Channel Customer Contact Center, Twilio SendGrid, AWS SES.

PROFESSIONAL EXPERIENCE

SRE/DevOps Engineer

Confidential -- San Francisco, California

Responsibilities:

  • Planned and prepared price proposals and capacity planning for the cloud/hybrid and on-prem models, transpired in shortlisting for over 5 major projects.
  • Setup and built AWS infrastructure various resources VPC, ELB, EC2, ECS with Docker, S3, IAM, EBS, IAM, EFS, CloudFormation, Elastic Cache, Elastic search, CloudWatch, Route53, Security Groups, Auto Scaling and RDS.
  • Architected and performed the cloud strategy of the organization of the very first cloud deployment of the product suite.
  • Designed and built multi-AZ, multi-region deployment of EC2 instances, ELB health checks, Auto Scaling.
  • Created secure VPCs using public and private subnets, NAT Gateway, VPC endpoints, security groups and ACLs.
  • Implemented identity management in AWS using SSO and Azure AD using Active Directory Federation Services to sync with on-prem AD Server.
  • Implemented AWS Organizations to centrally manage and govern all AWS Cloud environments and used SCPs (Service Control Policies) to create targeted governance boundaries on the OUs (Organizational Units).
  • Architected Amazon Aurora and RDS PostgreSQL database with multi-AZ for automatic failover.
  • Configured Jenkins pipelines using Pipeline scripts and Maven for building for on-prem deployments for dev and integration environments.
  • Created parallel and sequential CI/CD stages in AWS Code Pipeline to deploy across multiple environments with manual approval.
  • Created Ansible playbooks and host inventory files to perform security patching using yum and triggered from Jenkins on a schedule.
  • Used YAML based Ansible playbooks to manage configuration files, mount points and services.
  • Containerizing Java applications using Docker, created Docker file using approved base images and deploying them on Kubernetes cluster using Kubectl
  • Created and maintained existing K8s objects like Deployments, Services, PVC using YAML config files to ensure faster and safer deployments.
  • Create and provision Kubernetes clusters on AWS using Docker and Terraform.
  • Created VPC, Internet Gateway, Route Tables, Subnets, Security groups, ports, NACLs using the knowledge of Terraform and Cloud Formation for various applications and environments.
  • Worked with Docker for development and testing. Installed Docker Registry for local upload and download off Docker images and ECR as well.
  • Created branching and merging strategy with multiple branches and used Bitbucket for SCM.
  • Implemented DR strategy for on-prem servers using AWS Cloud Endure and performed failover and failback operations and dry runs.
  • Used CloudWatch, CloudTrail and VPC Flow logs to retain account activity across AWS infrastructure for audit trails, governance, and compliance requirements.
  • Used AWS Macie, AWS Guard Duty and AWS Inspector for Vulnerability assessment and to meet PCI compliance requirements.
  • Used tools like AWS Budgets, Cost Allocation Tags, Cost Explorer, cost and usage reports for cost management and governance. Used AWS Trusted Advisor tool to implement and refine to achieve AWS best practices.
  • Used SSM patch manager to patch EC2 instances.
  • Used SSM Parameter store and secrets manager to store sensitive data like passwords to allow rotation periodically.
  • Implemented Manage Engine Firewall Analyzer and Log360 to achieve PCI-Compliance and develop monthly audit reports.
  • Implemented WAF and wildcard SSL certificate on the website to improve website security by limiting to only North American countries and newer gen SSL v3, TLS v1.2 or higher protocols.
  • Secured tomcat by configuring HTTPS, disabling management access, LDAP authentication, disabling weak ciphers and older SSL/TLS protocols, Java keystores using key tool.
  • Implemented and managed several windows and Linux network file shares like NFS, SMB, CIFS securely.
  • Implemented encryption at rest and encryption in transit using KMS and SSL encryption.
  • Responsible for creating monitors, alarms, and notifications for EC2 hosts using Cloud watch and SNS.
  • Used AWS Config to capture and track and notify the changes and for configuration management and governance on the AWS Environment.
  • Implemented OpenVPN server from AWS Marketplace for on-prem users.
  • Led the performance testing effort and exceeded the goal by 2 times. Improved application efficiency by over 30% by identifying/optimizing slow running DB queries and processes.
  • Provided application and production support for various applications. Created on-call schedules and responsible for the maintenance for the application.
  • Advocated and led the transition of on-prem Dev/Test/Demo workloads to the AWS Cloud, enforced the company to change the strategy to 100% AWS implementation.

Environment: VPC, ELB, EC2, ECS with Docker, S3, IAM, EBS, IAM, EFS, AWS Aurora, CloudFormation, Elastic Cache, Elastic search, CloudWatch, Route53, Security Groups, Auto Scaling, RDS, KMS, AWS Config, OpenVPN, Lucid Chart, MS Visio.

Sr. Cloud Engineer/DevOps Engineer/SRE

Confidential, OR

Responsibilities:

  • Designed and architected a hybrid deployment model with a primary On-prem data center and secondary DR in the cloud using AWS Cloud Endure/Veeam.
  • Responsible for creating and maintaining the Bill of Materials to procure entire hardware required to build the primary datacenter from scratch.
  • Implemented process for release management, automated code deployment, configuration management and monitoring.
  • Introduced Asset Management and ticket management using JIRA Service Management to maintain a stock of all the hardware.
  • Designed a public facing FTP server in the DMZ network for inter-agency file sharing.
  • Created SMB to implement CIFS and NFS file shares for internal file sharing.
  • Executed user administration and maintenance tasks including creating users and groups, reports, and queries in Microsoft Active Directory.
  • Created and performed security hardening checklists of Linux, Windows, and VMWare ESXi servers to meet the requirements.
  • Implemented LDAP authentication using MS Active Directory for the applications using Tomcat and JBoss EAP.
  • Implemented Nagios monitoring solution for monitoring services and hosts.
  • Performed periodic vulnerability assessments using GFI Langured on Windows/Linux servers using agent-based scanning to proactively find and patch zero-day vulnerabilities.
  • Responsible for firmware patching on the entire hardware stack like firewalls, network switches, routers, physical servers, and virtual firmware updates.
  • Responsible for implementation of Antivirus on servers and workstations and maintaining the policies and threat definitions.
  • Implemented on-prem backup and replication using Veeam Backup and Recovery Essentials and remote cloud backup to AWS S3.
  • Implemented AWS Cloud Endure for a Disaster Recovery setup to achieve an RPO of 10mins and RTO of 4 hours. Performed gameday testing of failover and failback.
  • Performed systems integration with several external systems like DMV, Collections, Payment Gateway etc.
  • Performed P2V migration multiple on-prem servers to virtualized environment.

AWS Cloud Engineer/DevOps Engineer

Confidential, OR

Responsibilities:

  • Implemented and designed scalable, secure cloud architecture based on Amazon Web Services. Oversaw annual IT budget of $50,000 each for the tolling agencies.
  • Implementedand responsible for production and staging environments which includes AWSCloud services like EC2, VPC, ELB, S3, EBS, Elastic Beanstalk, AMI, SNS, RDS, DynamoDB, IAM, Route 53, Auto scaling, CloudFront, Cloud Watch, Cloud Trail, Cloud Formation and Security Groups.
  • Created and managed AWS Stack using CloudFormation and Terraform templates, stored in GIT, visualized CloudFormation templates as diagrams and edited them with the AWS CloudFormation Designer.
  • Built S3 buckets and managed policies for S3 buckets and used S3 bucket and Glacier for storage and backup onAWS.
  • Configured S3 versioning and lifecycle policies to backup files and archive files in Glacier.
  • Setup secure public facing SFTP server using AWS Transfer family.
  • Setup Load balancer using ELB to distribute the incoming traffic onto web servers.
  • Automated taking EBS snapshots using Lambda and python scripts and monitor RAM utilization on EC2 instances.
  • Migrated DNS and Domain hosting from an external service provider to Route 53. Migrated an on-prem website into AWS LightSail to improve the website performance.
  • Achieved PCI-ASV compliance by performing ASV Scans and clearing the vulnerabilities.
  • Responsible for change tracking and management, scheduling maintenance windows and application uptime.
  • Used Jenkins pipelines to perform deployments through various stages.
  • Used Kubernetes to deploy scale, load balance, scale and manage Docker containers.
  • Managed deployments in EKS Managed Kubernetes, setup multi-cluster nodes and deployed containerized apps.
  • Used JBoss EAP and Tomcat as middleware layer to deploy the applications and clustering. Performed clustering and load balancing using Mod Cluster and Mod JK.
  • Experienced working in event-driven architecture using Apache ActiveMQ.
  • Implemented LDAP authentication using MS Active Directory for the applications using Tomcat and JBoss EAP.
  • Implemented Asset and configuration management of inventory using JIRA Insight

Environment: AWS EC2, AWS Cloud Endure, AWS Route 53, AWS LightSail, Dell PowerEdge VRTX, RHEL, SonicWALL NSA 2600, HP Network Switches, MS Active Directory, VMWare VCenter, VMware vSphere, Acronis cloud backup, ELK, Nagios, Jenkins, Atlassian JIRA, Apache HTTPD Server, Redis, JBoss EAP, Apache ActiveMQ, EDB Postgres, Apache Tomcat, Cantaloupe Image Server, GFI Languard.

AWS Cloud Engineer/DevOps Engineer

Confidential

Responsibilities:

  • Promoted within 12 months for taking ownership, strong performance and organizational impact. Released over 100 software versions from development to production.
  • Set up and created entire dev/test/UAT/production workloads in On-prem and AWS.
  • Created alarms in cloud watch for monitoring the metrics like CPU utilization, disk usage and performed log streaming into AWS S3 using CW Unified agent.
  • Installed and provisioned Docker to automate application deployment by ECS, EKS, EB services.
  • Used AWS Code Deploy and Code Pipelines to deploy to AWS instances.
  • Used CloudWatch and Nagios monitoring tool for monitoring the servers and services.
  • Created CloudFormation templates for automation process on EC2 instances in AWS.
  • Used Aurora, PostgreSQL, Oracle 12C for database. Deployed Jasper Reporting Server for reporting engine.
  • Setup and maintained ELK stack for aggregating logs from all systems and applications, searching, routing, and visualizing logged data.
  • Troubleshooting the network issues involving TCP/IP, LAN/WAN networking, DNS, DHCP, SMTP using netstat, telnet and Wireshark to open firewall ports and network availability etc.
  • Created custom monitors using Nagios for monitoring services, hosts and metrics using Nagios objects.
  • Designed requirements and spearheaded the effort to integrate 3rd party SaaS tools like AWS SES, Smarty Streets, SendGrid email, Twilio SMS, Payment gateway iFrames, Twilio Omnichannel customer center etc. into the ETBOS™ product, resulting in over 50+ new features in the CRM.

Environment: AWS, EC2, RDS, AWS SQS, DynamoDB, DAX, Docker, ECS, AWS SES, Route 53, Amazon Linux, RHEL 7, JBoss EAP, Apache ActiveMQ, Jasper Reporting Server, Apache Tomcat, Selenium, Cucumber, Java, PostgreSQL, PgAdmin 3, DBeaver, MS Visio, HTML, CSS, Angular JS, SQL, Jenkins, Bitbuckets, SVN, Twilio Flex, Verifone Payment gateway, Twilio SendGrid.

AWS Cloud Engineer/ Systems Engineer

Confidential

Responsibilities:

  • Set up the AWS Organizations and self-service portal for the various company internal and client accounts and maintained the consolidated billing of all the accounts.
  • Configured and maintained IAM users, IAM roles and policies for the organization.
  • Setup Active Directory integration and SSO with Microsoft Azure AD and AWS using MS ADFS service allowing two-way synchronization.
  • Managed multiple AD forests and Domains and Microsoft Exchange Server.
  • Managed and administered multiple office 365 tenants.
  • Experienced in setting up and managing Amazon Linux, RHEL, Centos and Windows virtual servers on AWS EC2 and VMWare.
  • Advocated the usage of automation in CI/CD processes and instrumental in implementation of Jenkins Pipelines, resulted in automation of 75% of the release process tasks.
  • Used Maven as a build tool for Java applications for the development of build artifacts. Setup JFrog antifactory repository to store the artifacts.
  • Introduced Bitbucket for source control and migrated from on-prem SVN.
  • Worked on Version control setups like Bitbuckets and integration tools like Jenkins.
  • Tracked backlogs and fixed bugs using JIRA. Responsible for JIRA Software and ServiceDesk tools and user management.
  • Overhauled the on-prem document management system and migrated to SharePoint.

Environment: AWS, IAM, AWS Organizations, Azure AD, SSO, Dell PowerEdge VRTX, CMC, VMWare ESXi, VMWare vSphere, RHEL, Active Directory, Windows Server 2012, Office 365, MS Exchange Server, Atlassian JIRA, SVN, Bitbucket, SharePoint, Jenkins, Maven, Java.

AWS Engineer

Confidential

Responsibilities:

  • Collaborated with senior staff in the design, planning, implementation, and support.
  • Served on team managing server deployment and allocation of virtual servers.
  • Created and maintained Linux instances on AWS using EC2-Classic.
  • Worked across the development lifecycle with various teams.
  • Performed 24x7 on-call duties on a rotation basis to perform critical server restarts.
  • Updated Linux OS patches to ensure security updates are up to date. Monitor the status of critical system services reporting performance and server health.
  • Performed data analysis using SQL queries.
  • Responsible for keeping the production test machine in sync with production.
  • Creation of change Requests for monthly changes.
  • Translate functional specifications into infrastructure-based component design documents and estimate the level of effort to implement it.

Environment: AWS EC2-Classic, CentOS, Java, SQL.

Hire Now